13.92.139.102 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	(pop3d) Failed POP3 login from 13.92.139.102 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 1 08:24:14 ir1 dovecot[566034]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=13.92.139.102, lip=5.63.12.44, session=	2020-04-01 14:04:26

类型

评论内容

时间

attackspambots

(pop3d) Failed POP3 login from 13.92.139.102 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr  1 08:24:14 ir1 dovecot[566034]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=13.92.139.102, lip=5.63.12.44, session=

2020-04-01 14:04:26

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.92.139.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39913
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.92.139.102.			IN	A

;; AUTHORITY SECTION:
.			317	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033102 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 14:04:21 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 102.139.92.13.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 102.139.92.13.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
211.115.80.163	attackbots	Port probing on unauthorized port 445	2020-08-28 07:55:47
89.238.167.38	attack	0,83-01/02 [bc00/m50] PostRequest-Spammer scoring: essen	2020-08-28 08:18:06
106.54.3.250	attack	SSH Brute-Force attacks	2020-08-28 07:57:49
78.8.160.171	attackbots	Aug 27 05:23:36 mail.srvfarm.net postfix/smtpd[1347716]: warning: unknown[78.8.160.171]: SASL PLAIN authentication failed: Aug 27 05:23:36 mail.srvfarm.net postfix/smtpd[1347716]: lost connection after AUTH from unknown[78.8.160.171] Aug 27 05:29:51 mail.srvfarm.net postfix/smtpd[1341995]: warning: unknown[78.8.160.171]: SASL PLAIN authentication failed: Aug 27 05:29:51 mail.srvfarm.net postfix/smtpd[1341995]: lost connection after AUTH from unknown[78.8.160.171] Aug 27 05:31:27 mail.srvfarm.net postfix/smtpd[1355298]: warning: unknown[78.8.160.171]: SASL PLAIN authentication failed:	2020-08-28 08:19:23
175.6.6.147	attack	Aug 28 00:35:09 journals sshd\[30576\]: Invalid user redis from 175.6.6.147 Aug 28 00:35:09 journals sshd\[30576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.6.147 Aug 28 00:35:10 journals sshd\[30576\]: Failed password for invalid user redis from 175.6.6.147 port 2094 ssh2 Aug 28 00:38:14 journals sshd\[30850\]: Invalid user xd from 175.6.6.147 Aug 28 00:38:14 journals sshd\[30850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.6.147 ...	2020-08-28 07:58:16
81.183.113.193	attackspam	SSH brute force	2020-08-28 08:00:00
5.188.108.84	attack	Aug 27 23:04:37 mail.srvfarm.net postfix/smtpd[1773931]: warning: unknown[5.188.108.84]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 23:04:37 mail.srvfarm.net postfix/smtpd[1780716]: warning: unknown[5.188.108.84]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 23:04:37 mail.srvfarm.net postfix/smtpd[1780734]: warning: unknown[5.188.108.84]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 23:04:37 mail.srvfarm.net postfix/smtpd[1771972]: warning: unknown[5.188.108.84]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 23:04:37 mail.srvfarm.net postfix/smtpd[1780674]: warning: unknown[5.188.108.84]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-28 08:24:39
141.98.10.196	attack	Mailserver and mailaccount attacks	2020-08-28 07:57:05
202.153.37.205	attack	Aug 27 23:21:01 PorscheCustomer sshd[739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.153.37.205 Aug 27 23:21:02 PorscheCustomer sshd[739]: Failed password for invalid user aml from 202.153.37.205 port 53974 ssh2 Aug 27 23:25:39 PorscheCustomer sshd[824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.153.37.205 ...	2020-08-28 07:50:39
167.99.10.162	attack	MYH,DEF GET /test/wp-login.php	2020-08-28 07:47:28
222.186.173.226	attackspambots	Aug 27 23:48:08 rush sshd[7283]: Failed password for root from 222.186.173.226 port 61598 ssh2 Aug 27 23:48:20 rush sshd[7283]: Failed password for root from 222.186.173.226 port 61598 ssh2 Aug 27 23:48:20 rush sshd[7283]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 61598 ssh2 [preauth] ...	2020-08-28 07:52:38
49.233.134.252	attackbotsspam	Aug 28 01:18:59 sip sshd[1443527]: Invalid user pwrchute from 49.233.134.252 port 35168 Aug 28 01:19:01 sip sshd[1443527]: Failed password for invalid user pwrchute from 49.233.134.252 port 35168 ssh2 Aug 28 01:24:14 sip sshd[1443592]: Invalid user shop1 from 49.233.134.252 port 36930 ...	2020-08-28 07:55:15
161.35.126.137	attackbots	Invalid user oracle from 161.35.126.137 port 35212	2020-08-28 07:51:56
62.210.194.6	attackspam	Aug 27 19:30:55 mail.srvfarm.net postfix/smtpd[1703307]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 27 19:32:07 mail.srvfarm.net postfix/smtpd[1703120]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 27 19:33:25 mail.srvfarm.net postfix/smtpd[1703305]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 27 19:34:22 mail.srvfarm.net postfix/smtpd[1703307]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 27 19:34:29 mail.srvfarm.net postfix/smtpd[1703305]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6]	2020-08-28 07:45:10
78.8.160.227	attackspambots	Aug 27 08:11:55 mail.srvfarm.net postfix/smtpd[1417714]: warning: unknown[78.8.160.227]: SASL PLAIN authentication failed: Aug 27 08:11:55 mail.srvfarm.net postfix/smtpd[1417714]: lost connection after AUTH from unknown[78.8.160.227] Aug 27 08:12:00 mail.srvfarm.net postfix/smtpd[1414538]: warning: unknown[78.8.160.227]: SASL PLAIN authentication failed: Aug 27 08:12:00 mail.srvfarm.net postfix/smtpd[1414538]: lost connection after AUTH from unknown[78.8.160.227] Aug 27 08:13:44 mail.srvfarm.net postfix/smtps/smtpd[1430291]: warning: unknown[78.8.160.227]: SASL PLAIN authentication failed:	2020-08-28 08:19:00

最近上报的IP列表

162.217.167.70	210.246.138.85	163.238.20.114	51.84.55.186
150.194.38.148	62.97.44.33	198.65.12.118	43.10.222.205
35.36.58.163	164.156.127.81	49.56.93.77	118.89.60.105
223.15.146.235	172.104.235.73	121.148.0.153	125.234.134.225
105.83.144.5	180.241.45.167	61.65.249.152	77.81.191.142